Created
April 1, 2018 04:23
-
-
Save sbsatter/294e6b6b0bb6f294e617a40220a5c4b2 to your computer and use it in GitHub Desktop.
This short guide helps to get started with setting up a Certificate Authority and a certificate for use in SSL.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
1. Create a root private key for signing certificates. (Done only once) | |
$ openssl genrsa -des3 -out rootCA.key 2048 | |
2. Self-sign this certificate | |
$ openssl req -x509 -new -nodes -key rootCA.key -sha256 -days 1024 -out rootCA.pem | |
3. Create a certificate (Done once per device) | |
$ openssl genrsa -out my-cert.key 2048 | |
4. Now generate a CSR | |
$ openssl req -new -key my-cert.key -out my-cert.csr | |
5. Sign the CSR with the root CA key. | |
$ openssl x509 -req -in my-cert.csr -CA rootCA.pem -CAkey rootCA.key -CACreateSerial -out my-cert.crt -days 1024 -sha256 | |
References: | |
1. https://datacenteroverlords.com/2012/03/01/creating-your-own-ssl-certificate-authority/ | |
2. https://www.sslshopper.com/article-how-to-create-a-self-signed-certificate.html | |
3. https://www.mulesoft.com/tcat/tomcat-ssl |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment